OnionCat can provide access to using UDP and IPv6
over Tor without the extra openssh openvpn layers.

Onion to onion sets an average range of RTT due
to hopcount and speed of light. Software layers
add on top of that.


Those widely deploying onioncat / onionvpn should be
aware of some caveats and good future oppurtunities...

- Users have to compile and run them, they may not
be as available platform wide as openvpn / ssh.
That's minor since joint effort with those projects can be started
to port, document, and publish them [and their binaries again], etc.

- They're IPv6 only, that's minor, expected and ok since everyone
has local IPv6 stacks and apps now and IPv6 is the way forward.
[The encapsulated IPv4 mode is a hack, use IPv6 instead.]

- Doesn't yet work with v3 onion services automagically.
Tor may require an address resolution / translation layer
to do that, which would probably also end up handling
hostnames naming layer as a bonus.
This is a big oppurtunity for anyone who wants to design it :)

- Tor is thinking to kill off v2 onion services despite all the
uses and users of IPv6 and UDP via onioncat / onionvpn.
There is a trac ticket somewhere to continue v2 onion
services in perpetuity, with various levels of support, up
to and including fork of tor client and or network.
Continuation is a fine middle ground.

A few of the related tickets...
https://trac.torproject.org/projects/tor/ticket/23079
https://trac.torproject.org/projects/tor/ticket/6001
https://trac.torproject.org/projects/tor/ticket/25955

There are some communities using bittorrent, voice comms,
and other applications for many years, entirely within onionland,
via onioncat, onionvpn, udp, ipv6. So the tech works pretty good :)


See also...
https://www.onioncat.org/
https://github.com/rahra/onioncat
https://github.com/david415/onionvpn

https://itsecx.fhstp.ac.at/wp-content/uploads/2014/11/FischerOnionCat.pdf
search: the lists for "onioncat", there are detailed posts that
could be collated for reference by those working on things.

Hi Conrad,
Tor Metrics has some data on average latencies for client to Onion
service. This is your absolute minimum latency, with the only way to
reduce this being to have latency-aware path selection or to reduce
latencies on the Internet (e.g. by swapping fibre for copper or copper
for microwave).

https://metrics.torproject.org/onionperf-latencies.html

You get benefit from using an Onion Service over using an exit in that
you're using less constrained resources (exits are scarce) but you also
add extra hops to your circuit. For now, these extra hops do increase
latency. Configuring your onion service to not be location hidden would
improve this.

It would be interesting to see what kind of overheads are added by
OnionCat, but I see that this is a project that has an end in sight
unless someone comes up with a way to make it work with v3 Onion
Services. IPv6 addresses are not long enough to encode keys into to make
them self-authenticating. Either we need IPv7 or perhaps some
Onion-native network layer or something else.

If you have the endpoints that support it, Codec2 might give you some
benefits. This was originally designed for amateur-radio low bandwidth
digital voice but is also supported by Asterisk.

It might also be that half-duplex communication (even if implemented
with humans saying "over") could bring benefits as this would allow you
to increase the buffer sizes without having people talking over each other.

Thanks,
Iain.